Re: ESP corruption bug - what CPUs are affected?

From: Pavel Machek
Date: Tue Sep 21 2004 - 06:25:43 EST

Next message: hooper: "Assistance Please"
Previous message: Alan Cox: "Re: [PATCH] ppc64: Fix __raw_* IO accessors"
In reply to: Stas Sergeev: "Re: ESP corruption bug - what CPUs are affected?"
Next in thread: Denis Vlasenko: "Re: ESP corruption bug - what CPUs are affected?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

> >for subsequent push/pop/call/ret operations.
> >But if code uses full ESP, thinking that upper 16 bits are zero,
> >it will crash badly. Correct me if I'm wrong.
> That's correct. But you should note that the
> program not just "thinks" that the upper 16 bits
> are zero. It writes zero there itself, and a few
> instructions later - oops, it is no longer zero...

Hmm, perhaps this can also be viewed as a "information leak"? Program
running under dosemu is not expected to know high bits of kernel
%esp...
Pavel
--
People were complaining that M$ turns users into beta-testers...
...jr ghea gurz vagb qrirybcref, naq gurl frrz gb yvxr vg gung jnl!
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: hooper: "Assistance Please"
Previous message: Alan Cox: "Re: [PATCH] ppc64: Fix __raw_* IO accessors"
In reply to: Stas Sergeev: "Re: ESP corruption bug - what CPUs are affected?"
Next in thread: Denis Vlasenko: "Re: ESP corruption bug - what CPUs are affected?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]